An AnySwapV4Router Contract Vulnerability Exploited by Attackers for Profit

According to the Beosin EagleEye security risk monitoring, warning and blocking platform run by Beosin, a blockchain security audit company, on February 15, 2023 an attacker used an MEV contract (0xd050) to front-run a user's pending transaction: the user had already approved WETH to the AnyswapV4Router contract, but the router had not yet pulled the tokens. Before that transaction executed, the attacker called the router's anySwapOutUnderlyingWithPermit function, naming the user as the source (from) address. The function relies on the underlying token's permit signature check, but WETH implements no permit function at all; the call landed in WETH's fallback, which only triggers deposit and returns without reverting, so no signature was ever verified. The router's subsequent safeTransferFrom call then moved the WETH the user had approved to the router into the attacker's contract. The attacker made about 87 ETH, roughly $130,000. Beosin Trace found that about 70 ETH of the stolen funds had been moved to the address 0x690b, and about 17 ETH remained in the MEV bot contract.

Security team: Multichain’s Anyswap V4 Router contract suffered a front-running attack, and the attacker made about $130,000

Analysis based on this information:

Beosin EagleEye security risk monitoring recently reported an attack on the AnySwapV4Router contract that was carried out through an MEV contract. On February 15, 2023, the attacker used that contract to front-run a pending user transaction, calling the router's anySwapOutUnderlyingWithPermit function before the user's own transaction executed, so that the router would act on the user's existing WETH approval. Although the function relies on the underlying token's permit signature verification, WETH has no permit function: the permit call fell through to WETH's fallback, which simply triggers deposit and returns successfully, so the signature parameters supplied by the attacker were never checked.

The router's subsequent safeTransferFrom call then pulled the WETH the victim had approved to the router and sent it to the attacker's contract. The attacker earned about 87 ETH, worth roughly $130,000 at the time of the attack. Beosin Trace later found that about 70 ETH of the stolen funds had moved to the address 0x690b, while about 17 ETH remained in the attacker's MEV bot contract.

This incident shows how the AnySwapV4Router design depended on an assumption about the token rather than on a check the router performed itself: it treated a non-reverting permit call as proof that the owner had signed, but a token without permit, such as WETH, returns success from its fallback and proves nothing. Combined with the fact that the caller could name any address as the token owner, that gap let the attacker spend approvals that users had granted to the router for their own transactions, and any user with an outstanding WETH approval to the router was exposed in the same way.
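To make the failure concrete, here is a simplified model of the flow described in the report paragraph at the top of the page and in the analysis above. It is an added illustration, not Multichain's code, and it assumes a router that resolves a bridged token's underlying asset and then calls permit on it; the names IAnyToken, WETHLike, VulnerableRouter and HardenedRouter are this example's own. WETHLike mimics the relevant WETH9 behaviour (no permit, and a payable fallback that just deposits). The hardened version refuses to proceed unless the owner's EIP-2612 nonce actually advanced, which fails on any token that lacks permit.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical, simplified model of a "permit then transferFrom" router.
// Added example only; it is not the AnyswapV4Router source.

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

interface IERC20Permit {
    function permit(address owner, address spender, uint256 value, uint256 deadline,
                    uint8 v, bytes32 r, bytes32 s) external;
    function nonces(address owner) external view returns (uint256);
}

// Assumed interface: the bridged token reports which asset it wraps.
interface IAnyToken {
    function underlying() external view returns (address);
}

/// Stand-in for WETH9's relevant behaviour: no permit(), no nonces(), and a
/// payable fallback that wraps msg.value instead of reverting. Any unknown
/// selector, including permit's, lands here and returns successfully.
contract WETHLike {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    fallback() external payable { deposit(); }
    receive() external payable { deposit(); }

    function deposit() public payable { balanceOf[msg.sender] += msg.value; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        require(balanceOf[from] >= amount, "balance");
        if (from != msg.sender) {
            require(allowance[from][msg.sender] >= amount, "allowance");
            allowance[from][msg.sender] -= amount;
        }
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

contract VulnerableRouter {
    // Anyone may pass any `from`. The permit call is the only thing that is
    // supposed to prove `from` consented to this transfer.
    function anySwapOutUnderlyingWithPermit(
        address from, address token, uint256 amount, uint256 deadline,
        uint8 v, bytes32 r, bytes32 s
    ) external {
        address underlying = IAnyToken(token).underlying();
        // On WETHLike this hits the fallback, runs deposit() with zero value
        // and returns normally: the (v, r, s) values are never examined.
        IERC20Permit(underlying).permit(from, address(this), amount, deadline, v, r, s);
        // A pre-existing approval from `from` to this router is enough for
        // this to succeed, so a front-runner can spend the victim's approval.
        // In this model the funds go to `token`, which the caller chose.
        require(IERC20(underlying).transferFrom(from, token, amount), "transferFrom");
    }
}

contract HardenedRouter {
    function anySwapOutUnderlyingWithPermit(
        address from, address token, uint256 amount, uint256 deadline,
        uint8 v, bytes32 r, bytes32 s
    ) external {
        address underlying = IAnyToken(token).underlying();
        // Demand evidence that a real EIP-2612 permit was consumed: the
        // owner's nonce must advance by exactly one. WETHLike has no
        // nonces(); its fallback returns no data, so decoding a uint256 from
        // the empty return reverts here and the transfer never runs.
        uint256 nonceBefore = IERC20Permit(underlying).nonces(from);
        IERC20Permit(underlying).permit(from, address(this), amount, deadline, v, r, s);
        require(IERC20Permit(underlying).nonces(from) == nonceBefore + 1, "permit not consumed");
        require(IERC20(underlying).transferFrom(from, token, amount), "transferFrom");
    }
}
```

The nonce check is one option; an allowlist of underlying tokens known to implement EIP-2612 is another. Either way, the router must not infer the owner's consent from the mere absence of a revert on the permit call.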

In conclusion, the attack on the AnySwapV4Router contract is a reminder that a signature check is only as strong as the contract that performs it: before acting on a permit, a contract must confirm that the token actually implements it and that the signature was consumed, rather than trusting that a bad call would revert. Users should likewise treat standing token approvals as live risk and revoke allowances they no longer need. Staying current with disclosed vulnerabilities and taking such proactive steps is the practical way to minimize exposure.

This article and its pictures are taken from the Internet and do not represent aiwaka's position. If they infringe your rights, please contact us for removal: https://www.aiwaka.com/2023/02/15/an-anyswapv4router-contract-vulnerability-exploited-by-attackers-for-profit/
